Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
WordPress Plugin OAuth Single Sign On-SSO (OAuth Client) Security Bypass - CVE-2022-2133 - Vulnerability Database
WP Plugin Miniorange Login With Eve Online Google Facebook

WordPress Plugin OAuth Single Sign On-SSO (OAuth Client) Security Bypass - CVE-2022-2133

Critical
Reference: CVE-2022-2133
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2022-2133
Title: WordPress Plugin OAuth Single Sign On-SSO (OAuth Client) Security Bypass
Overview:

WordPress Plugin OAuth Single Sign On-SSO (OAuth Client) is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently log onto the site with the only knowledge of a users email address. WordPress Plugin OAuth Single Sign On-SSO (OAuth Client) version 6.22.5 is vulnerable prior versions may also be affected.